<?php
/**
* @file $Id: Side.php 543 2007-06-03 22:02:50Z focus-sis $
* @package Focus/SIS
* @copyright Copyright (C) 2006 Andrew Schmadeke. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.txt
* Focus/SIS is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.txt for copyright notices and details.
*/

// Report only fatal run-time errors (level 1 is E_ERROR), then pull in Warehouse.php,
// which is expected to provide the helpers used below (UserSchool(), User(), DBQuery(), ...).
error_reporting(1);
require_once("./Warehouse.php");

// Keep a copy of the raw request and record which script drives the side frame.
$tmp_REQUEST = $_REQUEST;
$_SESSION['Side_PHP_SELF'] = "Side.php";

// Selections in effect before this request is applied; later sections compare against them.
$old_school = UserSchool();
$old_syear = UserSyear();
$old_period = UserCoursePeriod();

// Choosing another school or another course period drops the student and staff member in focus.
// The request values are only compared here, never stored or sent to the database.
$drop_focus = false;
if($_REQUEST['school'] && $_REQUEST['school']!=UserSchool())
	$drop_focus = true;
elseif($_REQUEST['period'] && $_REQUEST['period']!=$old_period)
	$drop_focus = true;

if($drop_focus)
{
	unset($_SESSION['student_id'], $_SESSION['staff_id']);
	$_SESSION['unset_student'] = true;
}

// A school switch also discards the marking period, both the stored one and the posted one.
if($_REQUEST['school'])
{
	if($_REQUEST['school']!=UserSchool())
	{
		unset($_SESSION['UserMP'], $_REQUEST['mp']);
	}
}

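// Apply the selections posted by the side-frame form (FORM action=Side.php?modfunc=update).
// Every $_REQUEST value is client-controlled, so nothing below reaches a query or the
// session before it has been validated.
// NOTE(review): no anti-CSRF token is checked for this state-changing POST — confirm whether Warehouse.php enforces one.
if($_REQUEST['modfunc']=='update' && $_POST)
{
	// The syear select on this page only offers whole years; school, period, mp and
	// student_id are database IDs that are presumably numeric as well — TODO confirm
	// against the schema. Anything that is not a plain decimal string is treated as absent.
	$posted = array();
	foreach(array('school','syear','period','mp','student_id') as $posted_field)
	{
		$posted_value = (isset($_REQUEST[$posted_field]) && is_scalar($_REQUEST[$posted_field])) ? (string)$_REQUEST[$posted_field] : '';
		$posted[$posted_field] = ($posted_value!=='' && ctype_digit($posted_value)) ? $posted_value : null;
	}

	if(User('PROFILE')=='admin' && $posted['school']!==null && $old_school!=$posted['school'])
	{
		// Only switch to a school this admin is assigned to. An empty SCHOOLS list means
		// "no restriction", the same rule the default-school logic further down applies.
		$assigned_schools = User('SCHOOLS');
		if(!$assigned_schools || strpos($assigned_schools,','.$posted['school'].',')!==false)
		{
			$_SESSION['UserSchool'] = $posted['school'];
			// $posted['school'] is digits only, so it cannot break out of the quoted literal.
			DBQuery("UPDATE USERS SET CURRENT_SCHOOL_ID='".$posted['school']."' WHERE STAFF_ID='".User('STAFF_ID')."'");
		}
	}

	// Rejected values become null, which the defaulting code below treats as "not selected".
	$_SESSION['UserSyear'] = $posted['syear'];
	$_SESSION['UserCoursePeriod'] = $posted['period'];
	$_SESSION['UserMP'] = $posted['mp'];
	if(User('PROFILE')=='parent' && $posted['student_id']!==null)
	{
		// A parent may only focus on a student linked to the account; without this check
		// any student ID could be placed in the session.
		$linked_student = DBGet(DBQuery("SELECT STUDENT_ID FROM STUDENTS_JOIN_USERS WHERE STAFF_ID='".User('STAFF_ID')."' AND STUDENT_ID='".$posted['student_id']."'"));
		if(count($linked_student))
		{
			if($_SESSION['student_id']!=$posted['student_id'])
				unset($_SESSION['UserMP']);
			$_SESSION['student_id'] = $posted['student_id'];
		}
	}
	// Reload the body frame with the request it was last showing.
	// NOTE(review): the URL lands inside a single-quoted JavaScript string — confirm that PreparePHP_SELF() encodes quotes.
	echo "<script language=javascript>parent.body.location='".str_replace('&amp;','&',PreparePHP_SELF($_SESSION['_REQUEST_vars']))."';</script>";
}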

// Fill in whatever the session is still missing.
// $DefaultSyear is not assigned in this file — presumably it comes from Warehouse.php or the configuration.
if(empty($_SESSION['UserSyear']))
{
	$_SESSION['UserSyear'] = $DefaultSyear;
}

// A student account always has itself in focus.
if(empty($_SESSION['student_id']) && User('PROFILE')=='student')
{
	$_SESSION['student_id'] = $_SESSION['STUDENT_ID'];
}

// Choose a default school according to the profile.
if(empty($_SESSION['UserSchool']))
{
	if(User('PROFILE')=='admin' && (!User('SCHOOLS') || strpos(User('SCHOOLS'),','.User('CURRENT_SCHOOL_ID').',')!==false))
	{
		// The stored current school is used only if the admin is unrestricted or assigned to it.
		$_SESSION['UserSchool'] = User('CURRENT_SCHOOL_ID');
	}
	elseif(User('PROFILE')=='student')
	{
		// First entry of the comma-delimited SCHOOLS list.
		$student_schools = ltrim(User('SCHOOLS'),',');
		$_SESSION['UserSchool'] = substr($student_schools,0,strpos($student_schools,','));
	}
	elseif(User('PROFILE')=='teacher')
	{
		// School of the teacher's first course period by period sort order, limited to the
		// current marking period when one is selected.
		$teacher_school_sql = "SELECT cp.SCHOOL_ID FROM COURSE_PERIODS cp, SCHOOL_PERIODS sp,COURSES c WHERE c.COURSE_ID=cp.COURSE_ID AND cp.PERIOD_ID=sp.PERIOD_ID AND cp.SYEAR='".UserSyear()."' AND cp.TEACHER_ID='".User('STAFF_ID')."'";
		if(UserMP())
			$teacher_school_sql .= " AND cp.MARKING_PERIOD_ID IN (".GetAllMP('QTR',UserMP()).")";
		$teacher_school_sql .= " ORDER BY sp.SORT_ORDER ";

		$QI = DBQuery($teacher_school_sql);
		$RET = DBGet($QI);
		$_SESSION['UserSchool'] = $RET[1]['SCHOOL_ID'];
	}
}

// Did this request ask for a school or school year other than the one in effect on entry?
$school_changed = ($_REQUEST['school'] && $_REQUEST['school'] != $old_school);
$syear_changed = ($_REQUEST['syear'] && $_REQUEST['syear'] != $old_syear);
$context_changed = ($school_changed || $syear_changed);

// Everyone except parents gets the current quarter when none is set or the context moved.
if((empty($_SESSION['UserMP']) || $context_changed) && User('PROFILE')!='parent')
{
	$_SESSION['UserMP'] = GetCurrentMP('QTR',DBDate());
}

// Period selections belong to one school and year, so they are dropped on a change.
if($context_changed)
{
	unset($_SESSION['UserPeriod'], $_SESSION['UserCoursePeriod']);
}

// student_id=new (the "x" link next to the student's name) clears the student in focus
// and reloads the body frame without the student-specific request variables.
if($_REQUEST['student_id']=='new')
{
	unset($_SESSION['student_id']);
	unset(
		$_SESSION['_REQUEST_vars']['student_id'],
		$_SESSION['_REQUEST_vars']['search_modfunc'],
		$_SESSION['_REQUEST_vars']['LO_index']
	);
	unset($_SESSION['student_list']);
	echo "<script language=javascript>parent.body.location='".str_replace('&amp;','&',PreparePHP_SELF($_SESSION['_REQUEST_vars']))."';</script>";
}

// modfunc has been handled; remove it from the request for everything that follows.
unset($_REQUEST['modfunc']);

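// Document head: charset, stylesheets and the openMenu() toggle used by the module menu.
// $language and $_FOCUS are not assigned in this file — presumably Warehouse.php sets them.
echo "
<HTML>
	<head>";
// The charset value carries no quotes of its own; a nested quote would end the content attribute early.
if($language!='en_US')
	echo '<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />';
else
	echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />";
echo "
		<meta http-equiv=\"Content-Style-Type\" content=\"text/css\" />
		<link rel=stylesheet type=\"text/css\" href=\"assets/stylesheet.css\">
		<script language=\"JavaScript\" type=\"text/javascript\">
		<!--
			var old_modcat = false;
			function openMenu(modcat)
			{
				document.getElementById('menu_'+modcat).style.display = 'block';
				if(old_modcat!=false)
					document.getElementById('menu_'+old_modcat).style.display = 'none';
				document.getElementById(\"modcat_input\").value=modcat;
				if(old_modcat==modcat)
					old_modcat = false;
				else
					old_modcat = modcat;
			}

		-->
		</script>
		<title>".Config('TITLE')."</title>";
if($_FOCUS['direction']=='RTL')
	echo '<link rel="stylesheet" type="text/css" media="all" href="assets/rtl.css" />';

// modcat is request input that ends up inside a JavaScript string inside an HTML attribute.
// Escape it for the string literal first (addslashes), then for the attribute
// (htmlspecialchars with ENT_QUOTES), and quote the attribute so the value cannot leave it.
$onload_attr = '';
if(!empty($_REQUEST['modcat']) && is_scalar($_REQUEST['modcat']))
	$onload_attr = 'onload="'.htmlspecialchars("openMenu('".addslashes((string)$_REQUEST['modcat'])."');",ENT_QUOTES).'"';

echo "</head>
	<BODY background=assets/themes/".Preferences('THEME')."/bg.jpg leftmargin=6 marginwidth=4 topmargin=0 ".$onload_attr.">";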

// User Information
// Outer layout table, the logo linking back to index.php, then the selector form.
// The form posts to Side.php?modfunc=update; the hidden modcat input is filled in by openMenu().
echo "<TABLE border=0 cellpadding=0 cellspacing=0 width=100% height=100%><TR><TD height=30>";
$logo_img = DrawPNG('themes/'.Preferences('THEME').'/logo.png','border=0 width=154 height=34');
echo '<A HREF=index.php target=_top>'.$logo_img.'</A>';
echo "</TD></TR><TR>";

// NOTE(review): the user's name is printed as returned by User() — confirm it is HTML-encoded upstream.
$display_name = User('NAME');
$today = date('l F j, Y');
echo "<TD class=BoxContents style='border: inset #C9C9C9 2px; background-image:url(\"assets/bg.gif\")' width=100% valign=top>
	<FORM action=Side.php?modfunc=update method=POST>
	<INPUT type=hidden name=modcat value='' id=modcat_input>
	<b>".$display_name."</b>
	<BR>".$today."
	<BR>";
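// Administrators get a school selector and, when USE_DISTRICTS is enabled, a district selector.
if(User('PROFILE')=='admin')
{
	// User('SCHOOLS') is expected to look like ",1,2,"; this turns it into "'1','2'" for an
	// IN (...) list. An empty result means the school list is not restricted.
	$schools = substr(str_replace(",","','",User('SCHOOLS')),2,-2);
	$districts_enabled = (defined('USE_DISTRICTS') && USE_DISTRICTS===true);
	$select_options = array();
	if($districts_enabled)
	{
		// Picking another district invalidates the selected school; 'All' clears the filter.
		if($_REQUEST['district'] && $_REQUEST['district']!=$_SESSION['district'] && $_REQUEST['district']!='All')
			unset($_SESSION['UserSchool']);
		if($_REQUEST['district']=='All')
			$_SESSION['district'] = '';
		elseif(isset($_REQUEST['district']))
			$_SESSION['district'] = $_REQUEST['district'];

		echo "<SELECT name=district onChange='document.forms[0].submit();' style='width:150;'><OPTION value='All'>All Districts</OPTION>";

		// District names are the select options of custom field 44, one per line.
		$field = DBGet(DBQuery("SELECT SELECT_OPTIONS FROM CUSTOM_FIELDS WHERE ID='44'"));
		$field = $field[1];
		$field['SELECT_OPTIONS'] = str_replace("\n","\r",str_replace("\r\n","\r",$field['SELECT_OPTIONS']));
		$select_options = explode("\r",$field['SELECT_OPTIONS']);
		if($schools)
			$districts = DBGet(DBQuery("SELECT DISTRICT FROM SCHOOLS WHERE ID IN ($schools)"),array(),array('DISTRICT'));

		foreach($select_options as $option)
		{
			// A restricted admin only sees districts that contain one of the assigned schools.
			if($schools && !$districts[$option])
				continue;

			// A double quote has to become &quot; inside the value attribute; a backslash does
			// not escape anything in HTML and would let the quote end the attribute.
			echo '<OPTION value="'.str_replace('"','&quot;',$option).'"'.(($_SESSION['district']==$option)?' SELECTED':'').">".$option."</OPTION>";
		}
		echo "</SELECT><BR>";
	}

	echo "<SELECT name=school onChange='document.forms[0].submit();' style='width:150;'>";

	// The district filter is request input headed for a SQL string. It is applied only when
	// districts are enabled and the value is exactly one of the configured options; that
	// allow-list is the control, and doubling the single quote keeps the literal well-formed.
	$district_filter = '';
	if($districts_enabled && isset($_REQUEST['district']) && is_scalar($_REQUEST['district']))
	{
		$requested_district = (string)$_REQUEST['district'];
		if($requested_district && $requested_district!='All' && in_array($requested_district,$select_options,true))
			$district_filter = " AND DISTRICT = '".str_replace("'","''",$requested_district)."'";
	}

	$QI = DBQuery("SELECT ID,TITLE FROM SCHOOLS WHERE 1=1 ".($schools?" AND ID IN ($schools)":'').$district_filter.' ORDER BY TITLE');
	$RET = DBGet($QI);

	// Default to the first listed school, but only when the query actually returned one;
	// otherwise an empty ID would be written to USERS.CURRENT_SCHOOL_ID.
	if(!UserSchool() && count($RET))
	{
		$_SESSION['UserSchool'] = $RET[1]['ID'];
		DBQuery("UPDATE USERS SET CURRENT_SCHOOL_ID='".$RET[1]['ID']."' WHERE STAFF_ID='".User('STAFF_ID')."'");
	}

	// NOTE(review): school titles are printed as stored — confirm they are HTML-encoded on entry or by DBGet().
	foreach($RET as $school)
		echo "<OPTION value=$school[ID]".((UserSchool()==$school['ID'])?' SELECTED':'').">".$school['TITLE']."</OPTION>";

	echo "</SELECT><BR>";
}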

// School-year selector: five years either side of the current calendar year.
$year = date('Y');
echo "<SELECT name=syear onChange='document.forms[0].submit();'>";
$i = $year-5;
while($i<=$year+5)
{
	$selected = (UserSyear()==$i) ? ' SELECTED' : '';
	// With the 'YYYY-YYYY' preference the option reads e.g. 2006-2007 instead of 2006.
	$year_label = $i;
	if(SystemPreferences('SYEAR_TITLE')=='YYYY-YYYY')
		$year_label .= '-'.($i+1);
	echo "<OPTION value=".$i.$selected.">".$year_label."</OPTION>";
	$i++;
}
echo '</SELECT><BR>';

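// Parents choose among the students linked to their account who are enrolled in the selected year.
if(User('PROFILE')=='parent')
{
	// SYEAR is written into the query without quotes, and UserSyear() presumably returns the
	// session value that the update handler fills from the request, so it is forced to an
	// integer here before it reaches the SQL text.
	$RET = DBGet(DBQuery("SELECT sju.STUDENT_ID,s.LAST_NAME||', '||s.FIRST_NAME AS FULL_NAME,se.SCHOOL_ID FROM STUDENTS s,STUDENTS_JOIN_USERS sju, STUDENT_ENROLLMENT se WHERE s.STUDENT_ID=sju.STUDENT_ID AND sju.STAFF_ID='".User('STAFF_ID')."' AND se.SYEAR=".intval(UserSyear())." AND se.STUDENT_ID=sju.STUDENT_ID AND (('".DBDate()."' BETWEEN se.START_DATE AND se.END_DATE OR se.END_DATE IS NULL) AND '".DBDate()."'>=se.START_DATE)"));

	// Default to the first linked student, if there is one.
	if(!UserStudentID() && count($RET))
		$_SESSION['student_id'] = $RET[1]['STUDENT_ID'];

	// NOTE(review): a student ID already in the session is not re-checked against this list — confirm it is validated where it is stored.
	// NOTE(review): names are printed as stored — confirm they are HTML-encoded on entry or by DBGet().
	echo "<SELECT name=student_id onChange='document.forms[0].submit();'>";
	foreach($RET as $student)
	{
		echo "<OPTION value=$student[STUDENT_ID]".((UserStudentID()==$student['STUDENT_ID'])?' SELECTED':'').">".$student['FULL_NAME']."</OPTION>";
		// The working school follows the selected student's enrollment.
		if(UserStudentID()==$student['STUDENT_ID'])
			$_SESSION['UserSchool'] = $student['SCHOOL_ID'];
	}

	echo "</SELECT><BR>";
}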

// Teachers choose one of their course periods. The list is drawn in two passes: periods
// whose marking period covers the reference date first, the rest under "Inactive Courses".
if(User('PROFILE')=='teacher')
{
	// Earlier variant that limited the list to the current marking period, kept disabled:
	//if(UserMP())
	//	$QI = DBQuery("SELECT DISTINCT cp.PERIOD_ID,cp.COURSE_PERIOD_ID,sp.TITLE,sp.SHORT_NAME,cp.MARKING_PERIOD_ID,cp.DAYS,cp.SCHOOL_ID,sp.SORT_ORDER,c.TITLE AS COURSE_TITLE FROM COURSE_PERIODS cp, SCHOOL_PERIODS sp,COURSES c WHERE c.COURSE_ID=cp.COURSE_ID AND cp.PERIOD_ID=sp.PERIOD_ID AND cp.SYEAR='".UserSyear()."' AND cp.TEACHER_ID='".User('STAFF_ID')."' AND cp.MARKING_PERIOD_ID IN (".GetAllMP('QTR',UserMP()).") ORDER BY sp.SORT_ORDER ");
	//else
	// All course periods taught by this staff member in the selected year, in period sort order.
	$QI = DBQuery("SELECT DISTINCT cp.PERIOD_ID,cp.COURSE_PERIOD_ID,sp.TITLE,sp.SHORT_NAME,cp.MARKING_PERIOD_ID,cp.DAYS,cp.SCHOOL_ID,sp.SORT_ORDER,c.TITLE AS COURSE_TITLE FROM COURSE_PERIODS cp, SCHOOL_PERIODS sp,COURSES c WHERE c.COURSE_ID=cp.COURSE_ID AND cp.PERIOD_ID=sp.PERIOD_ID AND cp.SYEAR='".UserSyear()."' AND cp.TEACHER_ID='".User('STAFF_ID')."' ORDER BY sp.SORT_ORDER ");
	$RET = DBGet($QI);

	echo "<SELECT name=period onChange='document.forms[0].submit();' style='width:150;'>";
	// Reference timestamp for the date-range test below; presumably today's date as reported by DBDate().
	$time = strtotime(DBDate('postgres'));
	foreach($RET as $i=>$period)
	{
		// Periods tied to a marking period (ID other than '0') with both dates set and the
		// reference date outside that range are skipped here; they stay in $RET for the second pass.
		if($period['MARKING_PERIOD_ID']!='0' && GetMP($period['MARKING_PERIOD_ID'],'START_DATE') && GetMP($period['MARKING_PERIOD_ID'],'END_DATE') && ($time < strtotime(GetMP($period['MARKING_PERIOD_ID'],'START_DATE')) || $time > strtotime(GetMP($period['MARKING_PERIOD_ID'],'END_DATE'))))
		{}
		else
		{
			// The first period drawn becomes the default when nothing is selected yet.
			if(!UserPeriod())
				$_SESSION['UserPeriod'] = $RET[$i]['PERIOD_ID'];
			if(!UserCoursePeriod())
				$_SESSION['UserCoursePeriod'] = $RET[$i]['COURSE_PERIOD_ID'];
			// Label: period short name, marking period short name (if any), days (only when shorter than five characters), course title.
			// NOTE(review): these database values are printed without HTML encoding — confirm they are encoded on entry or by DBGet().
			echo "<OPTION value=$period[COURSE_PERIOD_ID]".((UserCoursePeriod()==$period['COURSE_PERIOD_ID'])?' SELECTED':'').">".$period['SHORT_NAME'].($period['MARKING_PERIOD_ID']!='0'?' '.GetMP($period['MARKING_PERIOD_ID'],'SHORT_NAME'):'').(strlen($period['DAYS'])<5?' '.$period['DAYS']:'').' - '.$period['COURSE_TITLE']."</OPTION>";
			if(UserCoursePeriod()==$period['COURSE_PERIOD_ID'])
			{
				// The selected course period decides the working school and period; a school
				// change drops the marking period so that it is chosen again for the new school.
				if($period['SCHOOL_ID']!=UserSchool())
					unset($_SESSION['UserMP']);
				$_SESSION['UserSchool'] = $period['SCHOOL_ID'];
				$_SESSION['UserPeriod'] = $period['PERIOD_ID'];
			}
			// Already drawn: remove it so that only the skipped periods remain for the second pass.
			unset($RET[$i]);
		}
	}

	// Whatever is left was skipped above and is listed under "Inactive Courses".
	if(count($RET))
	{
		if(!UserPeriod())
			$_SESSION['UserPeriod'] = $RET[1]['PERIOD_ID'];
		if(!UserCoursePeriod())
			$_SESSION['UserCoursePeriod'] = $RET[1]['COURSE_PERIOD_ID'];
		echo '<OPTGROUP label="'._('Inactive Courses').'">';
		foreach($RET as $period)
		{
			echo "<OPTION value=$period[COURSE_PERIOD_ID]".((UserCoursePeriod()==$period['COURSE_PERIOD_ID'])?' SELECTED':'').">".$period['SHORT_NAME'].($period['MARKING_PERIOD_ID']!='0'?' '.GetMP($period['MARKING_PERIOD_ID'],'SHORT_NAME'):'').(strlen($period['DAYS'])<5?' '.$period['DAYS']:'').' - '.$period['COURSE_TITLE']."</OPTION>";
			if(UserCoursePeriod()==$period['COURSE_PERIOD_ID'])
			{
				// Same bookkeeping as in the first pass.
				if($period['SCHOOL_ID']!=UserSchool())
					unset($_SESSION['UserMP']);
				$_SESSION['UserSchool'] = $period['SCHOOL_ID'];
				$_SESSION['UserPeriod'] = $period['PERIOD_ID'];
			}
		}
		echo '</OPTGROUP>';
	}
	echo "</SELECT><BR>";
}

// Marking-period selector: the quarters defined for the working school and year.
$QI = DBQuery("SELECT MARKING_PERIOD_ID,TITLE FROM SCHOOL_QUARTERS WHERE SCHOOL_ID='".UserSchool()."' AND SYEAR='".UserSyear()."' ORDER BY SORT_ORDER");
$RET = DBGet($QI);
echo "<SELECT name=mp onChange='document.forms[0].submit();'>";
if(count($RET) > 0)
{
	// Nothing selected yet: start on the first quarter.
	if(!UserMP())
	{
		$_SESSION['UserMP'] = $RET[1]['MARKING_PERIOD_ID'];
	}

	$mp_selected = false;
	foreach($RET as $quarter)
	{
		$selected = '';
		if(UserMP()==$quarter['MARKING_PERIOD_ID'])
		{
			$selected = ' SELECTED';
			$mp_selected = true;
		}

		echo "<OPTION value=".$quarter['MARKING_PERIOD_ID'].$selected.">".$quarter['TITLE']."</OPTION>";
	}

	// The stored marking period is not among those offered: fall back to the first one.
	// The original author notes that this probably indicates a bug in Side.php.
	if(!$mp_selected)
	{
		$_SESSION['UserMP'] = $RET[1]['MARKING_PERIOD_ID'];
	}
}
echo "</SELECT>".'</FORM>';
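// Banner for the student in focus (staff views only): an "x" link that clears the student
// and a link to the student's record.
if(UserStudentID() && User('PROFILE')!='parent' && User('PROFILE')!='student')
{
	$RET = DBGet(DBQuery("SELECT FIRST_NAME,LAST_NAME,MIDDLE_NAME,NAME_SUFFIX FROM STUDENTS WHERE STUDENT_ID='".UserStudentID()."'"));
	// modcat is request input placed in an unquoted HREF. URL-encoding keeps it inside the
	// attribute and also keeps a category name containing '&' intact as one parameter.
	$modcat_param = (isset($_REQUEST['modcat']) && is_scalar($_REQUEST['modcat'])) ? urlencode((string)$_REQUEST['modcat']) : '';
	// NOTE(review): names are printed as stored — confirm they are HTML-encoded on entry or by DBGet().
	echo '<TABLE border=0 cellpadding=0 cellspacing=0 width=100%><TR><TD bgcolor=#333366 width=19 valign=middle><A HREF=Side.php?student_id=new&modcat='.$modcat_param.'><IMG SRC=assets/x.gif height=17 border=0></A></TD><TD bgcolor=#333366><B><A HREF=Modules.php?modname=Students/Student.php&student_id='.UserStudentID().' target=body><font color=#FFFFFF size=-2>'.$RET[1]['FIRST_NAME'].'&nbsp;'.($RET[1]['MIDDLE_NAME']?$RET[1]['MIDDLE_NAME'].' ':'').$RET[1]['LAST_NAME'].'&nbsp;'.$RET[1]['NAME_SUFFIX'].'</font></A></B></TD></TR></TABLE>';
}
// Banner for the staff member in focus (administrators only).
if(UserStaffID() && User('PROFILE')=='admin')
{
	// Small spacer between the two banners when both are shown.
	if(UserStudentID())
		echo '<IMG SRC=assets/pixel_trans.gif height=2>';
	$RET = DBGet(DBQuery("SELECT FIRST_NAME,LAST_NAME FROM USERS WHERE STAFF_ID='".UserStaffID()."' AND SYEAR='".UserSyear()."'"));
	echo '<TABLE border=0 cellpadding=0 cellspacing=0 width=100%><TR><TD bgcolor=#333366 width=19 valign=middle><A HREF=Modules.php?modname=Users/Search.php&staff_id=new target=body><IMG SRC=assets/x.gif height=17 border=0></A></TD><TD bgcolor=#333366><B><A HREF=Modules.php?modname=Users/User.php&staff_id='.UserStaffID().' target=body><font color=#FFFFFF size=-2>'.$RET[1]['FIRST_NAME'].'&nbsp;'.$RET[1]['LAST_NAME'].'</font></A></B></TD></TR></TABLE>';
}
echo '<BR>';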

// Program Information
// Menu.php is expected to fill $_FOCUS['Menu'] with one array per module category,
// mapping program paths (or numeric keys for section titles) to display titles.
require('Menu.php');
foreach($_FOCUS['Menu'] as $modcat=>$programs)
{
	// Nothing to draw for an empty category.
	if(!count($_FOCUS['Menu'][$modcat]))
		continue;

	$keys = array_keys($_FOCUS['Menu'][$modcat]);

	// A category is drawn only if at least one key is not numeric, i.e. it has a program to link to.
	$menu = false;
	foreach($keys as $key_index=>$file)
	{
		if(!is_numeric($file))
		{
			$menu = true;
			break;
		}
	}
	if(!$menu)
		continue;

	// Translated caption for the category. Three categories send the body frame to the
	// Search.php of another module; unknown categories show their key with spaces for underscores.
	$search_modcat = $modcat;
	switch($modcat)
	{
		case 'School_Setup': $localized_modcat = _('School Setup'); break;
		case 'Students': $localized_modcat = _('Students'); break;
		case 'Users': $localized_modcat = _('Users'); break;
		case 'Grades': $localized_modcat = _('Grades'); break;

		case 'School_Information':
			$localized_modcat = _('School Information');
			$search_modcat = 'School_Setup';
			break;

		case 'My_Information':
			$localized_modcat = _('My Information');
			$search_modcat = 'Users';
			break;

		case 'My_Child':
			$localized_modcat = _('My Child');
			$search_modcat = 'Students';
			break;

		case 'Classes_&_Grades': $localized_modcat = _('Classes & Grades'); break;
		case 'Attendance': $localized_modcat = _('Attendance'); break;
		case 'Eligibility': $localized_modcat = _('Eligibility'); break;
		case 'Discipline': $localized_modcat = _('Discipline'); break;
		case 'Billing': $localized_modcat = _('Billing'); break;
		case 'Reports': $localized_modcat = _('Reports'); break;

		default:
			$localized_modcat = str_replace('_',' ',$modcat);
			break;
	}

	// Category header: clicking it toggles the submenu and loads the module's search page in the body frame.
	// NOTE(review): category keys, program paths and titles are written into the markup as they
	// come from Menu.php — confirm that nothing user-editable feeds that array.
	$category_icon = DrawPNG('icons/'.$modcat.'.png','border=0');
	echo "<A style='cursor:pointer;' onclick='openMenu(\"".$modcat."\");parent.body.location=\"Modules.php?modname=".$search_modcat."/Search.php\";'>".$category_icon."<font color=blue face='Verdana, Arial, sans-serif'><B>".$localized_modcat."</B></font></A><BR>";
	echo '<DIV id=menu_'.$modcat.' style="display:none;"><TABLE width=100%>';

	$link_row_open = '<TR><TD width=20></TD><TD class=BoxContents><b>&rsaquo;</b> <A HREF=';
	$link_row_close = '</font></A></TD></TR>';
	foreach($keys as $key_index=>$file)
	{
		$title = $_FOCUS['Menu'][$modcat][$file];
		if(substr($file,0,7)=='http://')
		{
			// Absolute http:// entries are linked as they are.
			echo $link_row_open.$file.' target=body><font color=blue>'.$title.$link_row_close;
		}
		elseif(!is_numeric($file))
		{
			// Program entries are opened through Modules.php.
			echo $link_row_open.'Modules.php?modname='.$file.' target=body><font color=blue>'.$title.$link_row_close;
		}
		elseif($keys[$key_index+1] && !is_numeric($keys[$key_index+1]))
		{
			// A numeric key is a section title; it is drawn only when a program follows it.
			echo '<TR><TD colspan=2 height=3></TD></TR><TR><TD colspan=2 class=BoxContents> &nbsp; <b>'.$title.'</b></TD></TR>';
		}
	}
	echo "</TABLE></DIV>";
}

// Close the layout table opened in the user-information section, then the document.
echo '</TD></TR></TABLE>'.'</BODY>'.'</HTML>';
?>